edge-ai-libraries/.github/workflows/timeseries-build-pull-request.yml at 91a5fccdf796acc38a46e6f2158abcfdc0c57ec6 · open-edge-platform/edge-ai-libraries · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
#
# Apache v2 license
# Copyright (C) 2025 Intel Corporation
# SPDX-License-Identifier: Apache-2.0
#
name: "[Time Series] PR workflow"
run-name: "[Time Series] PR  workflow (by @${{ github.actor }} via ${{ github.event_name }})"
on:
  push:
    branches:
      - 'main'
    paths:
      - 'microservices/time-series-analytics/*'
      - 'microservices/time-series-analytics/config/**'
      - 'microservices/time-series-analytics/docker/**'
      - 'microservices/time-series-analytics/src/**'
      - 'microservices/time-series-analytics/tests/**'
      - 'microservices/time-series-analytics/tick_scripts/**'
      - 'microservices/time-series-analytics/udfs/**'
  pull_request:
    paths:
      - 'microservices/time-series-analytics/*'
      - 'microservices/time-series-analytics/config/**'
      - 'microservices/time-series-analytics/docker/**'
      - 'microservices/time-series-analytics/src/**'
      - 'microservices/time-series-analytics/tests/**'
      - 'microservices/time-series-analytics/tick_scripts/**'
      - 'microservices/time-series-analytics/udfs/**'
  workflow_call:
  workflow_dispatch:
permissions: {}

jobs:
  timeseries-pre-merge-build:
    permissions:
      contents: read
      packages: read          # needed for actions/checkout
    runs-on: ubuntu-24.04
    steps:
    - name: Runner workspace path
      run: |
        echo "Cleaning up previous run"
        if [ -n "$(docker ps -aq)" ]; then
            docker stop $(docker ps -aq)
        fi
        if [ -n "$(docker ps -aq)" ]; then
            docker rm $(docker ps -aq)
        fi
        docker images --quiet --filter=dangling=true | xargs --no-run-if-empty docker rmi -f
    - uses: actions/checkout@v1
      with:
          path: timeseries
          persist-credentials: false
    - name: Build
      run: |
        cd ./microservices/time-series-analytics/docker
        sed -i "s/DOCKER_REGISTRY=.*/DOCKER_REGISTRY=admin/g" .env
        docker compose down -v
        docker compose build
    - name: Deploy
      run: |
        cd "${{ github.workspace }}"
        cd ./microservices/time-series-analytics/docker
        echo "Deploying time-series-analytics microservices"
        docker compose up -d
    - name: Undeploy
      run: |
        cd "${{ github.workspace }}"
        cd ./microservices/time-series-analytics/docker
        docker compose down -v

  timeseries-unit-test:
    name: Timeseries Unit Test
    permissions:
      contents: read
      packages: read          # needed for actions/checkout
    runs-on: ubuntu-24.04
    steps:
    - uses: actions/checkout@v1
      with:
          path: timeseries
          persist-credentials: false
    - name: Run unit tests
      run: |
        cd "${{ github.workspace }}"
        cd ./microservices/time-series-analytics
        echo "Running unit tests"
        ./tests/run_tests.sh
        coverage=$(grep 'TOTAL' /tmp/unit-test-results.txt | awk '{print $4}')
        # Extract test summary
        summary=$(grep -Eo '[0-9]+ (passed|failed|skipped)' /tmp/unit-test-results.txt)
        # Calculate total number of test cases
        total_tests=$(echo "$summary" | awk '{sum += $1} END {print sum}')
        # Extract number of passed tests
        passed_tests=$(echo "$summary" | grep 'passed' | awk '{print $1}')
        # Extract number of failed tests
        failed_tests=$(echo "$summary" | grep 'failed' | awk '{print $1}')
        # Print results
        echo "Coverage: $coverage" >> $GITHUB_STEP_SUMMARY
        echo "Total tests: $total_tests" >> $GITHUB_STEP_SUMMARY
        echo "Passed tests: $passed_tests" >> $GITHUB_STEP_SUMMARY
        echo "Failed tests: $failed_tests" >> $GITHUB_STEP_SUMMARY
    - name: Upload HTML unit test coverage to Github
      uses: actions/upload-artifact@v4
      with:
        name: unit-test-coverage
        path: /tmp/htmlcov
    - name: Upload XML unit test coverage to Github
      uses: actions/upload-artifact@v4
      with:
        name: unit-test-report
        path: /tmp/report.txt

  bandit-scans:
    name: Run Bandit Scan
    runs-on: ubuntu-24.04
    strategy:
      fail-fast: false
      matrix:
        include:
          - ubuntu_version: ubuntu24
    steps:
    - name: Check out edge-ai-libraries repository
      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #4.2.2
      with:
        path: edge-ai-libraries-repo
        persist-credentials: false

    - name: Run Bandit Scan
      run: |
        mkdir -p reports
        docker pull ghcr.io/pycqa/bandit/bandit
        echo "### Bandit Scan Results" >> $GITHUB_STEP_SUMMARY
        docker run --rm -v "${{ github.workspace }}:/src" ghcr.io/pycqa/bandit/bandit -r /src/edge-ai-libraries-repo/microservices/time-series-analytics -f txt -o /src/reports/bandit-report.txt || true >> $GITHUB_STEP_SUMMARY
        echo "Please find full report in bandit-report.txt" >> $GITHUB_STEP_SUMMARY
    - name: Upload Scan Reports
      uses: actions/upload-artifact@v4
      with:
        name: bandit-report
        path: reports/bandit-report.txt
    - name: Clean up
      if: always()
      run: |
        rm -rf edge-ai-libraries-repo
        if [ -n "$(docker images -aq)" ]; then
              docker rmi -f $(docker images -aq) || true
        fi

  virus-scans:
    name: Run Virus Scan
    runs-on: ubuntu-24.04
    strategy:
      fail-fast: false
      matrix:
        include:
          - ubuntu_version: ubuntu24
    steps:
    - name: Check out edge-ai-libraries repository
      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #4.2.2
      with:
        path: edge-ai-libraries-repo
        persist-credentials: false
    - name: Run Virus Scan
      run: |
        mkdir -p reports
        docker pull clamav/clamav
        echo "### Virus Scan Results" >> $GITHUB_STEP_SUMMARY
        docker run --rm -v "${{ github.workspace }}:/src" clamav/clamav clamscan -r  /src/edge-ai-libraries/microservices/time-series-analytics/ > ./reports/clamav-report.txt || true
        echo "Please find full report in clamav-report.txt" >> $GITHUB_STEP_SUMMARY
    - name: Upload Scan Reports
      uses: actions/upload-artifact@v4
      with:
        name: virus-reports
        path: reports/clamav-report.txt
    - name: Clean up
      if: always()
      run: |
        rm -rf edge-ai-libraries-repo
        if [ -n "$(docker images -aq)" ]; then
              docker rmi -f $(docker images -aq) || true
        fi